Browsers shipped a security model for humans. Agents are asking us to keep using it.
The browser security model—same-origin policy, user gesture requirements, and permission dialogs—assumes a human at the keyboard whose intent authorizes actions. The new wave of agent-driven browsers (Anthropic Computer Use, Google Project Mariner, OpenAI Operator, Perplexity Comet) replaces that human with an LLM while keeping the same security mechanisms intact, creating a fundamental mismatch. Anthropic's own launch docs warn that Claude may follow adversarial instructions in webpage content, highlighting the structural vulnerability that the W3C's WebMCP proposal aims to address.